author | Ivan Kanakarakis <ivan.kanak@gmail.com> | 2020-05-08 19:37:15 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-05-08 19:37:15 +0300 |
commit | 63d6a3f7b03509d2119158dfb9384d489d96e2d9 (patch) | |
tree | 58e51baf36196fad3440d6d4c8ad2c5aa76a00aa | |
parent | e90430bed2ba62a751bf43ff367576e84b9130f6 (diff) | |
parent | 21a0e62915b4c1275a08a46631fad5376355b9df (diff) | |
Merge pull request #683 from rakvat/master
Fix escape not in cgi in example for newer python versions
-rwxr-xr-x | example/sp-wsgi/sp.py | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/example/sp-wsgi/sp.py b/example/sp-wsgi/sp.py
index bec6747f..bd8a9578 100755
--- a/example/sp-wsgi/sp.py
+++ b/example/sp-wsgi/sp.py
@@ -2,7 +2,10 @@ from __future__ import print_function
 import argparse
-import cgi
+try:
+ import html
+except:
+ import cgi as html
 import importlib
 import logging
 import os
@@ -48,6 +51,9 @@ from saml2.s_utils import sid
 from saml2.saml import NAMEID_FORMAT_PERSISTENT
 from saml2.samlp import Extensions
+def _html_escape(payload):
+ return html.escape(payload, quote=True)
+
 logger = logging.getLogger("")
 hdlr = logging.FileHandler("spx.log")
 base_formatter = logging.Formatter("%(asctime)s %(name)s:%(levelname)s %(message)s")
@@ -699,7 +705,7 @@ def main(environ, start_response, sp):
 body = dict_to_table(user.data)
 body.append(
 "<br><pre>{authn_stmt}</pre>".format(
- authn_stmt=cgi.escape(user.authn_statement)
+ authn_stmt=_html_escape(user.authn_statement)
 )
 )
 body.append("<br><a href='/logout'>logout</a>") |
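Review bot: The bare `except:` in the import fallback of the first hunk catches every exception, including `KeyboardInterrupt` and `SystemExit`, so a failure unrelated to a missing module would silently select the `cgi` alias. Narrow it to `except ImportError:`. A short comment such as `# older interpreters have no html module; fall back to cgi.escape` would also make clear that the alias is a compatibility shim and not a drop-in equivalent.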
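Review bot: `_html_escape` in the second hunk has no docstring, and the two backends it can resolve to do not escape the same characters: with `quote=True`, `html.escape` translates both `"` and `'`, while the `cgi.escape` fallback translates only `"`. That difference is harmless for the `<pre>` element content it is used for in this commit, but the file also emits single-quoted attributes (`href='/logout'` in the last hunk), where the fallback would not be enough if the helper were reused. A docstring along the lines of `"""Escape payload for use as HTML element content; the cgi fallback leaves single quotes unescaped."""` would record that limit. PEP 8 also asks for two blank lines before and after a top-level definition.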
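Review bot: Only `user.authn_statement` is escaped in the third hunk; `user.data` is rendered through `dict_to_table` on the context line just above, and that helper is defined outside the hunk, so it is not visible whether it escapes keys and values. If `user.data` holds attribute values taken from the assertion (an assumption based on the names), they are as untrusted as the authn statement and should go through `_html_escape` inside `dict_to_table` as well. The body of `main` starts and ends outside the hunk.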